XF 1.3IP Logging

Member

After we upgraded to 1.3 we have had an issue with IP logging. The Ip addresses for users are the internal IP addresses of our servers in our ASG in AWS. This means banning anyone by IP is impossible along with a few other things. I've been looking into the issues and just dumping the value from XenForo_Helper_Ip::getBinaryIp() seems to get the right IP address. I also noticed if I hostmapped directly to a box then I also got my correct IP address logged.

I'm worried it's some sort of issues with the request object having the incorrect client IP or something now that we've switched to an ASG. Any ideas?

Edit: Just removed the host map entry and performed a moderator action and it was back to logging the server IP in the admin action log.

Well-known member

Because you are delivering through at least one intermediary device (eg akamai or elb), the IP header on a tcp packet needs to be replaced with the internal ip of the intermediary device. Otherwise the final destination server (eg nginx) would attempt to send traffic back directly to client, which would be rejected as the send ip and port of the client would mismatch. So the intermediary puts the real IP in another header, frequently HTTP_X_FORWARDED_FOR, but could be anything bar headers with meaning (eg HOST). The config file trick simply swaps the real IP back to the server field that XF (or any PHP script) was expecting the real IP to be in